On September 15, the European Court of Justice (ECJ) held that a business offering public access to a free Wi-Fi network is not liable for copyright infringement committed by a user of that network. However, the business may be required to password-protect its network in order to bring an end to, or prevent, infringements.

The underlying case was brought before the Regional Court Munich by Sony Music Entertainment Germany against a shop owner offering free Wi-Fi in order to bring in new customers. After a song file had been unlawfully offered for downloading via the network, the court found that the shop owner was not the party infringing the copyright, but that he was potentially indirectly liable since the network was not password-protected. The court asked the ECJ whether the E-Commerce Directive (2000/31/EC), which exempts intermediate providers from liability for unlawful acts committed by a third party with respect to the information transmitted, precluded such indirect liability. In its judgment, the ECJ confirms that the operator of a free Wi-Fi network provides access to a communication network in the sense of the Directive. Therefore, rights holders are not entitled to claim compensation or damages (including reimbursement of the costs of giving formal notice, or court or attorney costs) due to the network being used by third parties to infringe their rights. Unlike a website host, the provider of a Wi-Fi network cannot remove information or disable access to such information at a later time. However, the ECJ stressed that the directive does not preclude rights holders from requiring, e.g. by way of an injunction, that the provider secure the network to end, or prevent, any infringements committed by its users. Under this ruling, it is therefore recommendable for providers of free Wi-Fi networks within Europe to secure them either by password protection or user registration in order to avoid any cease-and-desist claims by rights holders.